Find the password from behind the ********** and other security vulnerabilities!

March 9th, 2015

If you are paying even the slightest attention to current technology trends, you will notice that many of your desktop applications are taking on the appearance of a browser! The entire Microsoft Office suite, for example, has been optimized for the “cloud”. Free versions available for iPhone. Mobile devices in particular are depending more on “server” side applications with the “client” reduced to a thin client browser type interface. The good news is that less computing power is needed at the desktop making the possibility of re purposing old computer as thin clients a reality. No need to run out and get the latest hardware and desktop operating systems, if you are moving to the equivalent of Microsoft Office 365, Google Docs or any of the increasingly popular cloud based solutions.

Along with the dependency on browser based applications is the alarming rate of security vulnerabilities that are exploit by the savvy against the less sophisticated user. As the browser becomes more widely used as the primary application interface, more security violations are experienced. Why? The best way to understand this phenomena is to look at a very simple example of a security vulnerability observable on most desktops, the cached Password. When you bring up your browser to access your favorite cloud application, your user name and password are often presented automatically. The Password field is generally filled with a string of ************ to block out your password from view. Once you realize how easy it is to recover that Password and to display it in clear text, you will intuitively learn how dangerous cloud based security vulnerabilities can quickly become if not judiciously policed by an educated user population!